Justice Department plans to expand cops' access to data

The Justice Department plans to have a nationwide program to allow
law enforcement officials from participating agencies to access data on each other’s unclassified systems, a senior department technology
official said today.

Jeremy Warren, Justice’s chief technology officer, said the
program would use a federated identity management approach to let
officials use a single sign-on capability to access data from other
participating organizations. Warren said a multiyear test for the
program has been successful and the department plans to take it nationwide by the end of this year.

Warren said the program allows participating agencies to
leverage the work that a home organization has done to vet people who
use its systems. The program lets officials use credentials from their home agencies to access systems from other participating agencies.

He discussed the program during an event held by AFCEA's Bethesda, Md., chapter and subsequently described the plans in more detail to reporters.

“Generally, today if you are a Los Angeles Police Department
detective and you’re trying to access some system at [U.S. Immigration
and Customs Enforcement], at [the Justice Department], or at [the]
Chicago Police, then those organizations are going to need to look you
up, verify your identity, decide whether or not you’re trustworthy,
give you some kind of user name and password so they recognize you next
time you come back,” he said. “It’s really wasteful. It’s inconvenient
for the users to have to do this: It takes a lot of time [and] wastes a lot
of money.”

Warren also said the approach would bolster security because
it's more secure to rely on the access determinations of someone’s home
agency that are most up-to-date.

Justice has been working with the FBI’s Criminal Justice
Information Services to expand the system nationally, Warren
said. The policies for the federated system are being determined by law
enforcement officials from different levels of government that
participate in CJIS’ Advisory Policy Board, he added. CJIS will then
serve as the executive for the program and broker the technology for it.

In addition, Warren said the program would include a portal to
let participating organizations advertise their systems and view those
of other agencies.

Warren said participants will have to sign memorandums of understanding.

“It’s really based on trust,” he said. “The technology just
allows you to make sure nobody’s cheating, that nobody’s spying, and
that it’s actually valid.”